North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: while i'm on the subject of filtering, here's today's list of spammers

  • From: Karl Denninger
  • Date: Wed Feb 19 22:51:22 1997

> Filtering by domain names doesn't work.  Filtering by email source address
> doesn't work.  Complaining, by itself, doesn't work.  Asking to be removed
> from the spammer's spam list VERY DEFINITELY doesn't work.

Filtering by connection to the SMTP port, based on source address, very
definitely DOES work.

> Removing people from the cooperative portion of the Internet works fine.

Overbroad and unnecessary.

> If those of us who "fight spam" laid back and did nothing, you and every
> other online Internet user would be getting ten spams an hour by this time.
> It took a legal judgement against Sanford Wallace to get him to stop spamming
> all of AOL and Compuserve.  Jeff Slaton finds it hard to get a new internet
> connection every time he soils a new nest.  

And again, unnecessary and overbroad.  Filtering at the SMTP receiver port
is perfectly fine, it works, and it doesn't prevent other traffic.

> The BGP peerage pressures are trending the Internet toward settlements, which
> is not a cooperative economic system.  In such a system it will be hard as
> nails to get a new ISP started since the people you want to peer with won't
> want you as anything but a customer.  However, the one side benefit will be
> that spamming will cost as much, or more, than postal system advertising.
> I would like to solve the problem with social pressure, but sooner or later
> it will be solved by making a new noncooperative economic underpinning.

CIDR and provider-based network numbering has already done that Paul, unless
you like being tied to your upstream provider in perpetuity.

Or, in the other case, you only like selling dynamic dial-up with no
permanent addresses mapped to DNS names *anywhere* on your network or those
of your customers.  Those ISPs *ARE* a dying breed, if they're not already

Wholesale filtering sets an ugly precedent.  If someone was sending SYN
packets with random port numbers it would be one thing (and the only
effective thing that could be done) but in this particular case it is
neither necessary NOR, in my opinion, appropriate for a network which
operates a *PUBLIC* resource.

You speak of cooperative models on one hand, yet don't support those on 
the other (e.g. eDNS).  The truth is evident when you start erecting
full-blown packet filters, which are unnecessary, as a response to a
personal affront.

It took me 30 seconds to add Earthlink's POPs to my SPAM-blocker SMTP port
reject list this morning.  That has a near-zero impact on legitimate email 
delivery, but it stops cold any attempt to relay spam through our 

That's a point-source response to the problem Paul.  Try it on sometime.

Karl Denninger ([email protected])| MCSNet - The Finest Internet Connectivity     | T1's from $600 monthly to FULL DS-3 Service
			     | 99 Analog numbers, 77 ISDN, Web servers $75/mo
Voice: [+1 312 803-MCS1 x219]| Email to "[email protected]" WWW:
Fax:   [+1 312 803-4929]     | 2 FULL DS-3 Internet links; 400Mbps B/W Internal
- - - - - - - - - - - - - - - - -